Lucene search

K
osvGoogleOSV:USN-4973-2
HistoryOct 04, 2021 - 12:04 p.m.

python3.8 vulnerability

2021-10-0412:04:34
Google
osv.dev
11
python3.8 vulnerability
usn-4973-1
octal strings
access restrictions

AI Score

7.3

Confidence

Low

EPSS

0.008

Percentile

81.7%

USN-4973-1 fixed this vulnerability previously, but it was re-introduced
in python3.8 in focal because of the SRU in LP: #1928057. This update fixes
the problem.

Original advisory details:

It was discovered that the Python stdlib ipaddress API incorrectly handled
octal strings. A remote attacker could possibly use this issue to perform a
wide variety of attacks, including bypassing certain access restrictions.